From: Amaury Denoyelle <adenoyelle@haproxy.com>
Date: Fri, 13 Nov 2020 15:04:59 +0000 (+0100)
Subject: MINOR: ssl: remove client hello counters
X-Git-Tag: v2.4-dev1~28
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f70b7db825da294d2df7ae025582c66b8a7c86c6;p=thirdparty%2Fhaproxy.git

MINOR: ssl: remove client hello counters

Remove the ssl client hello received counter. This counter is not
meaningful and was only implemented on the fronted.
---

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 39a00d8430..c4cda0562f 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -141,7 +141,6 @@ DECLARE_STATIC_POOL(ssl_sock_ctx_pool, "ssl_sock_ctx_pool", sizeof(struct ssl_so
 
 /* ssl stats module */
 enum {
-	SSL_ST_CLIENT_HELLO,
 	SSL_ST_SESS,
 	SSL_ST_REUSED_SESS,
 
@@ -149,8 +148,6 @@ enum {
 };
 
 static struct name_desc ssl_stats[] = {
-	[SSL_ST_CLIENT_HELLO] = { .name = "ssl_client_hello",
-	                          .desc = "Total number of ssl client hello received" },
 	[SSL_ST_SESS]         = { .name = "ssl_sess",
 	                          .desc = "Total number of ssl sessions established" },
 	[SSL_ST_REUSED_SESS]  = { .name = "ssl_reused_sess",
@@ -158,8 +155,6 @@ static struct name_desc ssl_stats[] = {
 };
 
 static struct ssl_counters {
-	long long client_hello;
-
 	long long sess;
 	long long reused_sess;
 } ssl_counters;
@@ -168,7 +163,6 @@ static void ssl_fill_stats(void *data, struct field *stats)
 {
 	struct ssl_counters *counters = data;
 
-	stats[SSL_ST_CLIENT_HELLO] = mkf_u64(FN_COUNTER, counters->client_hello);
 	stats[SSL_ST_SESS]         = mkf_u64(FN_COUNTER, counters->sess);
 	stats[SSL_ST_REUSED_SESS]  = mkf_u64(FN_COUNTER, counters->reused_sess);
 }
@@ -2326,7 +2320,6 @@ static int ssl_sock_switchctx_cbk(SSL *ssl, int *al, void *arg)
 	struct ebmb_node *node, *n, *node_ecdsa = NULL, *node_rsa = NULL, *node_anonymous = NULL;
 	int allow_early = 0;
 	int i;
-	struct ssl_counters *counters;
 
 	conn = SSL_get_ex_data(ssl, ssl_app_data_index);
 	s = __objt_listener(conn->target)->bind_conf;
@@ -2552,10 +2545,6 @@ allow_early:
 	if (!allow_early)
 		SSL_set_max_early_data(ssl, 0);
 #endif
-	counters = EXTRA_COUNTERS_GET(s->frontend->extra_counters_fe,
-	                              &ssl_stats_module);
-	++counters->client_hello;
-
 	return 1;
  abort:
 	/* abort handshake (was SSL_TLSEXT_ERR_ALERT_FATAL) */